httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s.@apache.org
Subject svn commit: r951904 - in /httpd/httpd/trunk: docs/manual/ssl/ssl_howto.xml modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_io.c modules/ssl/ssl_private.h
Date Sun, 06 Jun 2010 17:10:24 GMT
Author: sf
Date: Sun Jun  6 17:10:23 2010
New Revision: 951904

URL: http://svn.apache.org/viewvc?rev=951904&view=rev
Log:
Replace LogLevelDebugDump with TRACE log levels

Modified:
    httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml
    httpd/httpd/trunk/modules/ssl/mod_ssl.c
    httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
    httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
    httpd/httpd/trunk/modules/ssl/ssl_private.h

Modified: httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml?rev=951904&r1=951903&r2=951904&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml (original)
+++ httpd/httpd/trunk/docs/manual/ssl/ssl_howto.xml Sun Jun  6 17:10:23 2010
@@ -301,5 +301,16 @@ Require              valid-user
 </section>
 <!-- /access control -->
 
+<section id="logging">
+    <title>Logging</title>
+
+    <p><module>mod_ssl</module> can log extremely verbose debugging information
+    to the error log, when its <directive module="core">LogLevel</directive>
is
+    set to the higher trace levels. On the other hand, on a very busy server,
+    level <code>info</code> may already be too much. Remember that you can
+    configure the <directive module="core">LogLevel</directive> per module to
+    suite your needs.</p>
+</section>
+
 </manualpage>
 

Modified: httpd/httpd/trunk/modules/ssl/mod_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl.c?rev=951904&r1=951903&r2=951904&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/mod_ssl.c (original)
+++ httpd/httpd/trunk/modules/ssl/mod_ssl.c Sun Jun  6 17:10:23 2010
@@ -130,9 +130,6 @@ static const command_rec ssl_config_cmds
                 "Enable support for insecure renegotiation")
     SSL_CMD_ALL(UserName, TAKE1,
                 "Set user name to SSL variable value")
-    SSL_CMD_SRV(LogLevelDebugDump, TAKE1,
-                "Include I/O Dump when LogLevel is set to Debug "
-                "([ None (default) | IO (not bytes) | Bytes ])")
     SSL_CMD_SRV(StrictSNIVHostCheck, FLAG,
                 "Strict SNI virtual host checking")
 

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=951904&r1=951903&r2=951904&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Sun Jun  6 17:10:23 2010
@@ -186,7 +186,6 @@ static SSLSrvConfigRec *ssl_config_serve
     sc->session_cache_timeout  = UNSET;
     sc->cipher_server_pref     = UNSET;
     sc->insecure_reneg         = UNSET;
-    sc->ssl_log_level          = SSL_LOG_UNSET;
     sc->proxy_ssl_check_peer_expire = SSL_ENABLED_UNSET;
     sc->proxy_ssl_check_peer_cn     = SSL_ENABLED_UNSET;
 #ifndef OPENSSL_NO_TLSEXT
@@ -299,7 +298,6 @@ void *ssl_config_server_merge(apr_pool_t
     cfgMergeInt(session_cache_timeout);
     cfgMergeBool(cipher_server_pref);
     cfgMergeBool(insecure_reneg);
-    cfgMerge(ssl_log_level, SSL_LOG_UNSET);
     cfgMerge(proxy_ssl_check_peer_expire, SSL_ENABLED_UNSET);
     cfgMerge(proxy_ssl_check_peer_cn, SSL_ENABLED_UNSET);
 #ifndef OPENSSL_NO_TLSEXT
@@ -1073,30 +1071,6 @@ const char *ssl_cmd_SSLSessionCacheTimeo
     return NULL;
 }
 
-const char *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *cmd,
-                                         void *dcfg,
-                                         const char *arg)
-{
-    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
-
-    if (strcEQ(arg, "none") || strcEQ(arg, "off")) {
-        sc->ssl_log_level = SSL_LOG_NONE;
-    }
-    else if (strcEQ(arg, "io") || strcEQ(arg, "i/o")) {
-        sc->ssl_log_level = SSL_LOG_IO;
-    }
-    else if (strcEQ(arg, "bytes") || strcEQ(arg, "on")) {
-        sc->ssl_log_level = SSL_LOG_BYTES;
-    }
-    else {
-        return apr_pstrcat(cmd->temp_pool, cmd->cmd->name,
-                           ": Invalid argument '", arg, "'",
-                           NULL);
-    }
-
-    return NULL;
-}
-
 const char *ssl_cmd_SSLOptions(cmd_parms *cmd,
                                void *dcfg,
                                const char *arg)

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_io.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_io.c?rev=951904&r1=951903&r2=951904&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c Sun Jun  6 17:10:23 2010
@@ -1717,8 +1717,6 @@ static void ssl_io_input_add_filter(ssl_
 void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl)
 {
     ssl_filter_ctx_t *filter_ctx;
-    server_rec *s = c->base_server;
-    SSLSrvConfigRec *sc = mySrvConfig(s);
 
     filter_ctx = apr_palloc(c->pool, sizeof(ssl_filter_ctx_t));
 
@@ -1742,7 +1740,7 @@ void ssl_io_filter_init(conn_rec *c, req
     apr_pool_cleanup_register(c->pool, (void*)filter_ctx,
                               ssl_io_filter_cleanup, apr_pool_cleanup_null);
 
-    if (APLOGcdebug(c) && (sc->ssl_log_level >= SSL_LOG_IO)) {
+    if (APLOGctrace4(c)) {
         BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
         BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
     }
@@ -1783,7 +1781,7 @@ static void ssl_io_data_dump(server_rec 
     rows = (len / DUMP_WIDTH);
     if ((rows * DUMP_WIDTH) < len)
         rows++;
-    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+    ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
             "+-------------------------------------------------------------------------+");
     for(i = 0 ; i< rows; i++) {
 #if APR_CHARSET_EBCDIC
@@ -1822,13 +1820,13 @@ static void ssl_io_data_dump(server_rec 
             }
         }
         apr_cpystrn(buf+strlen(buf), " |", sizeof(buf)-strlen(buf));
-        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+        ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
                      "%s", buf);
     }
     if (trunc > 0)
-        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+        ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
                 "| %04ld - <SPACES/NULS>", len + trunc);
-    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+    ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
             "+-------------------------------------------------------------------------+");
     return;
 }
@@ -1852,18 +1850,18 @@ long ssl_io_data_cb(BIO *bio, int cmd,
     if (   cmd == (BIO_CB_WRITE|BIO_CB_RETURN)
         || cmd == (BIO_CB_READ |BIO_CB_RETURN) ) {
         if (rc >= 0) {
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s,
                     "%s: %s %ld/%d bytes %s BIO#%pp [mem: %pp] %s",
                     SSL_LIBRARY_NAME,
                     (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),
                     rc, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "to" : "from"),
                     bio, argp,
                     (argp != NULL ? "(BIO dump follows)" : "(Oops, no memory buffer?)"));
-            if ((argp != NULL) && (sc->ssl_log_level >= SSL_LOG_BYTES))
+            if ((argp != NULL) && APLOGctrace7(c))
                 ssl_io_data_dump(s, argp, rc);
         }
         else {
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s,
                     "%s: I/O error, %d bytes expected to %s on BIO#%pp [mem: %pp]",
                     SSL_LIBRARY_NAME, argi,
                     (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),

Modified: httpd/httpd/trunk/modules/ssl/ssl_private.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_private.h?rev=951904&r1=951903&r2=951904&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_private.h (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_private.h Sun Jun  6 17:10:23 2010
@@ -150,18 +150,6 @@ ap_set_module_config(c->conn_config, &ss
 #endif
 
 /**
- * Define the per-server SSLLogLevel constants which provide
- * finer-than-debug resolution to decide if logs are to be
- * assulted with tens of thousands of characters per request.
- */
-typedef enum {
-    SSL_LOG_UNSET  = UNSET,
-    SSL_LOG_NONE   = 0,
-    SSL_LOG_IO     = 6,
-    SSL_LOG_BYTES  = 7
-} ssl_log_level_e;
-
-/**
  * Support for MM library
  */
 #define SSL_MM_FILE_MODE ( APR_UREAD | APR_UWRITE | APR_GREAD | APR_WREAD )
@@ -512,7 +500,6 @@ struct SSLSrvConfigRec {
     BOOL             insecure_reneg;
     modssl_ctx_t    *server;
     modssl_ctx_t    *proxy;
-    ssl_log_level_e  ssl_log_level;
     ssl_enabled_t    proxy_ssl_check_peer_expire;
     ssl_enabled_t    proxy_ssl_check_peer_cn;
 #ifndef OPENSSL_NO_TLSEXT
@@ -583,7 +570,6 @@ const char  *ssl_cmd_SSLOptions(cmd_parm
 const char  *ssl_cmd_SSLRequireSSL(cmd_parms *, void *);
 const char  *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *);
-const char  *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLRenegBufferSize(cmd_parms *cmd, void *dcfg, const char *arg);
 const char  *ssl_cmd_SSLStrictSNIVHostCheck(cmd_parms *cmd, void *dcfg, int flag);
 const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag);



Mime
View raw message